RE: [fw-wiz] FW appliance comparison - Seeking input for the forum

> I'd like to ask the forum for any input (good or bad) on a comparison
between the Cisco ASA
> 5510 and the Symantec SGS 5620 ...
>
> We're looking to replace our current firewall setup with an appliance type
approach.

If you buy into the vendorspeak, those two products sound awfully similar.
But they're not. What they do have in common is that they are an amalgam of
products already on the market. So I guess if you're also trying to
conserve rack space, these are the products for you. :-)

The ASA 5510 literally possesses the functionality of a PIX, SecureIDS
(formerly NetRanger), and a VPN 3000 Concentrator (formerly Allegro plus
some SSL VPN code from Twingo). That's a fast stateful firewall, a lousy
NIDS appliance, and a VPN appliance with decent IPSec support, but a lousy
SSL VPN implementation.

As you may have guessed, I'm not psyched about either of these products.
Both have given me headaches in the past. It might cost you more, but you
ought to consider buying the components you need on a separate basis.

PaulM

* A marginally interesting side note, these are Sun-made x86 servers running
Linux. This bizarre pedigree dates back to a contract that Axent had with
Cobalt to supply hardware (RaQ servers) for the VelociRaptor appliances.
Somehow this relationship has survived both of the original parties being
purchased (Sun bought Cobalt just a few months after Symantec bought Axent
in 2000).

Re: How safe for firewall rule using 127.0.0.0/8... >> The user connects to a website running an ssl vpn server,... The server offers to him to download the vpn ... >> his AV or his firewall, or do anything else nefarious like that. ... > horse was something that you WANT to install,...(comp.security.firewalls)